freebsd ports tree

Updating FreeBSD server system is quite easy. You can apply security patch to keep freebsd system up to date.

Required tools aka software

You need to have following tools on system (a) portmanager – FreeBSD ultimate ports update utility.

(b) portsnap – It is a system for securely distributing the FreeBSD ports tree. Approximately once an hour, a snapshot of the ports tree is generated, repackaged, and cryptographically signed. The resulting files are then distributed via HTTP.

(c) pkg_version – List the installed version of the package is older than the current version.

All of the above utilities work together to keeping FreeBSD up to date :)

FreeBSD install portsnap (for older system version <6.0)

On FreeBSD 6.0+, portsnap is contained in the FreeBSD base (core) system. You only need to to install portsanp as follows for older FreeBSD system:# cd /usr/ports/ports-mgmt/portsnap # make install clean

I : Use only the index file for determining if a package is out of date (faster result)

L= : Limit the output to those packages whose status flag does not match = (the installed version of the package is current.)

L' : Limit the output to those packages whose status flag does not match < (the installed version of the package is older than the current version.)

Update FreeBSD packages / software

Now run portmanager to upgrade installed ports:# portmanager -u

It will updates ports in the correct order based on their dependencies. If a port fails to "make" during update it is marked as ignored. Portmanager will continue updating any ports not marked as "ignored" so long as they are not dependent on the ignored port. Also note that it may take some time if you have large number of application installed.

If you need to upgrade all installed ports with logging, enter:# portmanager -u -l

How do I upgrade a single software only?

portmanager allows you to update a single port and all of its dependencies. For example update port called bash i.e. bash shell (shells/bash), enter:# portmanager shells/bash -l -u -f

How do I apply update again?

In order to update system again just type the following command:# portsnap fetch # portsnap update # portmanager -u -l

How do I apply binary security updates for FreeBSD?

Latest version includes a tool called freebsd-update (thanks to Bok for pointing out this tool). The freebsd-update tool is used to fetch, install, and rollback binary updates to the FreeBSD base system.

Fetch updates

Use fetch option to get all available binary updates:# freebsd-update fetch Output: